[ca-certificates-java] 23/58: * Use javahelper as buildsystem: - d/control: Add Build-Depends on javahelper. - d/rules: Use jh_build to call javac. * Create a testsuite for this package: - Refactor UpdateCertificates code to send exceptions instead of System.exit(1). - New testsuite: UpdateCertificatesTest. - d/control: Build-Depends on junit4. - d/rules: Launch junit after build and handle "nocheck" option in DEB_BUILD_OPTIONS.
Emmanuel Bourg
ebourg-guest at moszumanska.debian.org
Wed May 31 13:13:16 UTC 2017
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository ca-certificates-java.
commit 8f08b2a40f22ed20949777743acc9feaa51bac29
Author: Damien Raude-Morvan <drazzib at debian.org>
Date: Sun Jun 3 13:58:49 2012 +0000
* Use javahelper as buildsystem:
- d/control: Add Build-Depends on javahelper.
- d/rules: Use jh_build to call javac.
* Create a testsuite for this package:
- Refactor UpdateCertificates code to send exceptions instead of
System.exit(1).
- New testsuite: UpdateCertificatesTest.
- d/control: Build-Depends on junit4.
- d/rules: Launch junit after build and handle "nocheck" option in
DEB_BUILD_OPTIONS.
---
Exceptions.java | 61 ++++++++++++
UpdateCertificates.java | 168 +++++++++++++++++++++++----------
UpdateCertificatesTest.java | 221 ++++++++++++++++++++++++++++++++++++++++++++
debian/changelog | 15 +++
debian/control | 12 ++-
debian/copyright | 4 +-
debian/jks-keystore.hook.in | 6 +-
debian/postinst.in | 8 +-
debian/rules | 20 +++-
9 files changed, 448 insertions(+), 67 deletions(-)
diff --git a/Exceptions.java b/Exceptions.java
new file mode 100644
index 0000000..582db56
--- /dev/null
+++ b/Exceptions.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright (C) 2012 Damien Raude-Morvan <drazzib at debian.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+/**
+ * Custom exceptions used by {@link UpdateCertificates}
+ *
+ * @author Damien Raude-Morvan <drazzib at debian.org>
+ */
+public class Exceptions {
+
+ /**
+ * Data send in stdin is invalid (neither "+" or "-" command).
+ */
+ public static class UnknownInput extends Exception {
+ private static final long serialVersionUID = 5698253678856993527L;
+ public UnknownInput(final String message) {
+ super(message);
+ }
+
+ }
+
+ /**
+ * Unable to save keystore to provided location.
+ */
+ public static class UnableToSaveKeystore extends Exception {
+ private static final long serialVersionUID = 3632154306237688490L;
+ public UnableToSaveKeystore(final String message, final Exception e) {
+ super(message, e);
+ }
+
+ }
+
+ /**
+ * Unable to open keystore from provided location (might be an invalid password
+ * or IO error).
+ */
+ public static class InvalidKeystorePassword extends Exception {
+ private static final long serialVersionUID = 7004201816889107694L;
+ public InvalidKeystorePassword(final String message, final Exception e) {
+ super(message, e);
+ }
+
+ }
+
+}
diff --git a/UpdateCertificates.java b/UpdateCertificates.java
index 7eb0a42..8d78ec8 100644
--- a/UpdateCertificates.java
+++ b/UpdateCertificates.java
@@ -1,9 +1,6 @@
/*
* Copyright (C) 2011 Torsten Werner <twerner at debian.org>
- *
- * This code is a re-implementation of the idea from Ludwig Nussel found in
- * http://gitorious.org/opensuse/ca-certificates/blobs/master/keystore.java
- * for the Debian operating system. It updates the global JVM keystore.
+ * Copyright (C) 2012 Damien Raude-Morvan <drazzib at debian.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -30,13 +27,27 @@ import java.io.InputStreamReader;
import java.io.Reader;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
+import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
+/**
+ * This code is a re-implementation of the idea from Ludwig Nussel found in
+ * http://gitorious.org/opensuse/ca-certificates/blobs/master/keystore.java
+ * for the Debian operating system. It updates the global JVM keystore.
+ *
+ * @author Torsten Werner
+ * @author Damien Raude-Morvan
+ */
public class UpdateCertificates {
- private static char[] password = null;
- private static KeyStore keystore = null;
- private static CertificateFactory certFactory = null;
+
+ private char[] password = null;
+
+ private String ksFilename = null;
+
+ private KeyStore ks = null;
+
+ private CertificateFactory certFactory = null;
public static void main(String[] args) throws IOException, GeneralSecurityException {
String passwordString = "changeit";
@@ -47,28 +58,43 @@ public class UpdateCertificates {
System.err.println("Usage: java UpdateCertificates [-storepass <password>]");
System.exit(1);
}
- password = passwordString.toCharArray();
- keystore = createKeyStore();
- certFactory = CertificateFactory.getInstance("X.509");
- // Force reading of inputstream int UTF-8
- processChanges(new InputStreamReader(System.in, "UTF8"));
- writeKeyStore();
+
+ try {
+ UpdateCertificates uc = new UpdateCertificates(passwordString, "/etc/ssl/certs/java/cacerts");
+ // Force reading of inputstream in UTF-8
+ uc.processChanges(new InputStreamReader(System.in, "UTF8"));
+ uc.writeKeyStore();
+ } catch (Exceptions.InvalidKeystorePassword e) {
+ e.printStackTrace(System.err);
+ System.exit(1);
+ } catch (Exceptions.UnableToSaveKeystore e) {
+ e.printStackTrace(System.err);
+ System.exit(1);
+ }
}
+
+ public UpdateCertificates(final String passwordString, final String keystoreFile) throws IOException, GeneralSecurityException, Exceptions.InvalidKeystorePassword {
+ this.password = passwordString.toCharArray();
+ this.ksFilename = keystoreFile;
+ this.ks = openKeyStore();
+ this.certFactory = CertificateFactory.getInstance("X.509");
+ }
- private static KeyStore createKeyStore() throws GeneralSecurityException, IOException {
+ /**
+ * Try to open a existing keystore or create an new one.
+ */
+ private KeyStore openKeyStore() throws GeneralSecurityException, IOException, Exceptions.InvalidKeystorePassword {
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
- File certInputFile = new File ("/etc/ssl/certs/java/cacerts");
+ File certInputFile = new File(this.ksFilename);
FileInputStream certInputStream = null;
if (certInputFile.canRead()) {
certInputStream = new FileInputStream(certInputFile);
}
try {
- ks.load(certInputStream, password);
+ ks.load(certInputStream, this.password);
}
catch (IOException e) {
- System.err.println("Cannot open Java keystore. Is the password correct? Message:\n " +
- e.getMessage());
- System.exit(1);
+ throw new Exceptions.InvalidKeystorePassword("Cannot open Java keystore. Is the password correct?", e);
}
if (certInputStream != null) {
certInputStream.close();
@@ -76,40 +102,40 @@ public class UpdateCertificates {
return ks;
}
- private static void processChanges(Reader reader)
+ /**
+ * Until reader EOF, try to read changes and send each to {@link #parseLine(String)}.
+ */
+ protected void processChanges(final Reader reader)
throws IOException, GeneralSecurityException {
String line;
BufferedReader bufferedStdinReader = new BufferedReader(reader);
while((line = bufferedStdinReader.readLine()) != null) {
- parseLine(line);
+ try {
+ parseLine(line);
+ } catch (Exceptions.UnknownInput e) {
+ System.err.println("Unknown input: " + line);
+ // Keep processing for others lines
+ }
}
}
- private static void deleteAlias(String alias) throws GeneralSecurityException {
- if (keystore.containsAlias(alias)) {
- System.out.println("Removing " + alias);
- keystore.deleteEntry(alias);
- }
- }
-
- private static void parseLine(String line)
- throws GeneralSecurityException, IOException {
+ /**
+ * Parse given line to choose between {@link #addAlias(String, Certificate)}
+ * or {@link #deleteAlias(String)}.
+ */
+ protected void parseLine(final String line)
+ throws GeneralSecurityException, IOException, Exceptions.UnknownInput {
+ assert this.ks != null;
+
String path = line.substring(1);
String filename = path.substring(path.lastIndexOf("/") + 1);
String alias = "debian:" + filename;
if(line.startsWith("+")) {
- Certificate cert = createCertificate(path);
+ Certificate cert = loadCertificate(path);
if (cert == null) {
return;
}
- if(keystore.containsAlias(alias)) {
- System.out.println("Replacing " + alias);
- keystore.deleteEntry(alias);
- }
- else {
- System.out.println("Adding " + alias);
- }
- keystore.setCertificateEntry(alias, cert);
+ addAlias(alias, cert);
}
else if (line.startsWith("-")) {
deleteAlias(alias);
@@ -118,15 +144,58 @@ public class UpdateCertificates {
deleteAlias(filename);
}
else {
- System.err.println("Unknown input: " + line);
+ throw new Exceptions.UnknownInput(line);
}
}
+
+ /**
+ * Delete cert in keystore at given alias.
+ */
+ private void deleteAlias(final String alias) throws GeneralSecurityException {
+ assert this.ks != null;
+
+ if (contains(alias)) {
+ System.out.println("Removing " + alias);
+ this.ks.deleteEntry(alias);
+ }
+ }
- private static Certificate createCertificate(String path) {
+ /**
+ * Add or replace existing cert in keystore with given alias.
+ */
+ private void addAlias(final String alias, final Certificate cert)
+ throws KeyStoreException {
+ assert this.ks != null;
+
+ if(contains(alias)) {
+ System.out.println("Replacing " + alias);
+ this.ks.deleteEntry(alias);
+ }
+ else {
+ System.out.println("Adding " + alias);
+ }
+ this.ks.setCertificateEntry(alias, cert);
+ }
+
+ /**
+ * Returns true when alias exist in keystore.
+ */
+ protected boolean contains(String alias) throws KeyStoreException {
+ assert this.ks != null;
+
+ return this.ks.containsAlias(alias);
+ }
+
+ /**
+ * Try to load a certificate instance from given path.
+ */
+ private Certificate loadCertificate(final String path) {
+ assert this.certFactory != null;
+
Certificate cert = null;
try {
FileInputStream certFile = new FileInputStream(path);
- cert = certFactory.generateCertificate(certFile);
+ cert = this.certFactory.generateCertificate(certFile);
certFile.close();
}
catch (Exception e) {
@@ -136,16 +205,19 @@ public class UpdateCertificates {
return cert;
}
- private static void writeKeyStore() throws GeneralSecurityException {
+ /**
+ * Write actual keystore content to disk.
+ */
+ protected void writeKeyStore() throws GeneralSecurityException, Exceptions.UnableToSaveKeystore {
+ assert this.ks != null;
+
try {
- FileOutputStream certOutputFile = new FileOutputStream("/etc/ssl/certs/java/cacerts");
- keystore.store(certOutputFile, password);
+ FileOutputStream certOutputFile = new FileOutputStream(this.ksFilename);
+ this.ks.store(certOutputFile, this.password);
certOutputFile.close();
}
catch (IOException e) {
- System.err.println("There was a problem saving the new Java keystore. Message:\n " +
- e.getMessage());
- System.exit(1);
+ throw new Exceptions.UnableToSaveKeystore("There was a problem saving the new Java keystore.", e);
}
}
}
diff --git a/UpdateCertificatesTest.java b/UpdateCertificatesTest.java
new file mode 100644
index 0000000..a35c88a
--- /dev/null
+++ b/UpdateCertificatesTest.java
@@ -0,0 +1,221 @@
+/*
+ * Copyright (C) 2012 Damien Raude-Morvan <drazzib at debian.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+import java.io.File;
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+
+import junit.framework.Assert;
+
+import org.junit.Before;
+import org.junit.Test;
+
+/**
+ * Tests for {@link UpdateCertificates}.
+ *
+ * @author Damien Raude-Morvan
+ */
+public class UpdateCertificatesTest {
+
+ private static final String ALIAS_CACERT = "debian:cacert.org.crt";
+ private static final String INVALID_CACERT = "x/usr/share/ca-certificates/cacert.org/cacert.org.crt";
+ private static final String REMOVE_CACERT = "-/usr/share/ca-certificates/cacert.org/cacert.org.crt";
+ private static final String ADD_CACERT = "+/usr/share/ca-certificates/cacert.org/cacert.org.crt";
+
+ private String ksFilename = null;
+ private String ksPassword = null;
+
+ @Before
+ public void start() {
+ this.ksFilename = "./tests-cacerts";
+ this.ksPassword = "changeit";
+ // Delete any previous file
+ File keystore = new File(this.ksFilename);
+ keystore.delete();
+ }
+
+ /**
+ * Test a simple open then write without any modification.
+ */
+ @Test
+ public void testNoop() throws IOException, GeneralSecurityException,
+ Exceptions.InvalidKeystorePassword, Exceptions.UnableToSaveKeystore {
+ UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ uc.writeKeyStore();
+ }
+
+ /**
+ * Test a to open a keystore and write without any modification
+ * and then try to open it again with wrong password : will throw a
+ * InvalidKeystorePassword
+ */
+ @Test
+ public void testWriteThenOpenWrongPwd() throws IOException,
+ GeneralSecurityException, Exceptions.UnableToSaveKeystore {
+ try {
+ UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ uc.writeKeyStore();
+ } catch (Exceptions.InvalidKeystorePassword e) {
+ Assert.fail();
+ }
+
+ try {
+ UpdateCertificates uc = new UpdateCertificates("wrongpassword",
+ this.ksFilename);
+ Assert.fail();
+ uc.writeKeyStore();
+ } catch (Exceptions.InvalidKeystorePassword e) {
+ Assert.assertEquals(
+ "Cannot open Java keystore. Is the password correct?",
+ e.getMessage());
+ }
+ }
+
+ /**
+ * Test a to open a keystore then remove its backing File (and replace it
+ * with a directory with the same name) and try to write in to disk :
+ * will throw an UnableToSaveKeystore
+ */
+ @Test
+ public void testDeleteThenWrite() throws IOException,
+ GeneralSecurityException, Exceptions.InvalidKeystorePassword {
+ try {
+ UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+
+ // Replace actual file by a directory !
+ File keystore = new File(this.ksFilename);
+ keystore.delete();
+ keystore.mkdir();
+
+ // Will fail with some IOException
+ uc.writeKeyStore();
+ Assert.fail();
+ } catch (Exceptions.UnableToSaveKeystore e) {
+ Assert.assertEquals(
+ "There was a problem saving the new Java keystore.",
+ e.getMessage());
+ }
+ }
+
+ /**
+ * Try to send an invalid command ("x") in parseLine : throw UnknownInput
+ */
+ @Test
+ public void testWrongCommand() throws IOException,
+ GeneralSecurityException, Exceptions.InvalidKeystorePassword {
+ UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ try {
+ uc.parseLine(INVALID_CACERT);
+ Assert.fail();
+ } catch (Exceptions.UnknownInput e) {
+ Assert.assertEquals(INVALID_CACERT, e.getMessage());
+ }
+ }
+
+ /**
+ * Test to insert a valid certificate and then check if it's really in KS.
+ */
+ @Test
+ public void testAdd() throws IOException, GeneralSecurityException,
+ Exceptions.UnknownInput, Exceptions.InvalidKeystorePassword,
+ Exceptions.UnableToSaveKeystore {
+ UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ uc.parseLine(ADD_CACERT);
+ uc.writeKeyStore();
+
+ Assert.assertEquals(true, uc.contains(ALIAS_CACERT));
+ }
+
+ /**
+ * Test to insert a invalide certificate : no exception, but check there
+ * is no alias created with that name
+ */
+ @Test
+ public void testAddInvalidCert() throws IOException,
+ GeneralSecurityException, Exceptions.UnknownInput,
+ Exceptions.InvalidKeystorePassword, Exceptions.UnableToSaveKeystore {
+ UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ uc.parseLine("+/usr/share/ca-certificates/null.crt");
+ uc.writeKeyStore();
+
+ Assert.assertEquals(false, uc.contains("debian:null.crt"));
+ }
+
+ /**
+ * Try to add same certificate multiple time : we replace it and
+ * there is only one alias.
+ */
+ @Test
+ public void testReplace() throws IOException, GeneralSecurityException,
+ Exceptions.UnknownInput, Exceptions.InvalidKeystorePassword,
+ Exceptions.UnableToSaveKeystore {
+ UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ uc.parseLine(ADD_CACERT);
+ uc.parseLine(ADD_CACERT);
+ uc.writeKeyStore();
+
+ Assert.assertEquals(true, uc.contains(ALIAS_CACERT));
+ }
+
+ /**
+ * Try to remove a non-existant certificate : it's a no-op.
+ */
+ @Test
+ public void testRemove() throws IOException, GeneralSecurityException,
+ Exceptions.UnknownInput, Exceptions.InvalidKeystorePassword,
+ Exceptions.UnableToSaveKeystore {
+ UpdateCertificates uc = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ uc.parseLine(REMOVE_CACERT);
+ uc.writeKeyStore();
+
+ // We start with empty KS, so it shouldn't do anything
+ Assert.assertEquals(false, uc.contains(ALIAS_CACERT));
+ }
+
+ /**
+ * Try to add cert, write to disk, then open keystore again and remove.
+ */
+ @Test
+ public void testAddThenRemove() throws IOException,
+ GeneralSecurityException, Exceptions.UnknownInput,
+ Exceptions.InvalidKeystorePassword, Exceptions.UnableToSaveKeystore {
+ UpdateCertificates ucAdd = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ ucAdd.parseLine(ADD_CACERT);
+ ucAdd.writeKeyStore();
+
+ Assert.assertEquals(true, ucAdd.contains(ALIAS_CACERT));
+
+ UpdateCertificates ucRemove = new UpdateCertificates(this.ksPassword,
+ this.ksFilename);
+ ucRemove.parseLine(REMOVE_CACERT);
+ ucRemove.writeKeyStore();
+
+ Assert.assertEquals(false, ucRemove.contains(ALIAS_CACERT));
+ }
+
+}
diff --git a/debian/changelog b/debian/changelog
index 0782a22..fac694d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,18 @@
+ca-certificates-java (20120603) unstable; urgency=low
+
+ * Use javahelper as buildsystem:
+ - d/control: Add Build-Depends on javahelper.
+ - d/rules: Use jh_build to call javac.
+ * Create a testsuite for this package:
+ - Refactor UpdateCertificates code to send exceptions instead of
+ System.exit(1).
+ - New testsuite: UpdateCertificatesTest.
+ - d/control: Build-Depends on junit4.
+ - d/rules: Launch junit after build and handle "nocheck" option in
+ DEB_BUILD_OPTIONS.
+
+ -- Damien Raude-Morvan <drazzib at debian.org> Sun, 03 Jun 2012 12:10:26 +0200
+
ca-certificates-java (20120524) unstable; urgency=low
[ Marc Deslauriers ]
diff --git a/debian/control b/debian/control
index eb1714a..5b88017 100644
--- a/debian/control
+++ b/debian/control
@@ -2,8 +2,10 @@ Source: ca-certificates-java
Section: java
Priority: optional
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
-Uploaders: Matthias Klose <doko at ubuntu.com>, Torsten Werner <twerner at debian.org>, Damien Raude-Morvan <drazzib at debian.org>
-Build-Depends: debhelper (>= 6), default-jdk
+Uploaders: Matthias Klose <doko at ubuntu.com>,
+ Torsten Werner <twerner at debian.org>,
+ Damien Raude-Morvan <drazzib at debian.org>
+Build-Depends: debhelper (>= 6), default-jdk, javahelper, junit4
Standards-Version: 3.9.3
Vcs-Svn: svn://svn.debian.org/svn/pkg-java/trunk/ca-certificates-java
Vcs-Browser: http://svn.debian.org/wsvn/pkg-java/trunk/ca-certificates-java/
@@ -11,9 +13,11 @@ Vcs-Browser: http://svn.debian.org/wsvn/pkg-java/trunk/ca-certificates-java/
Package: ca-certificates-java
Architecture: all
Multi-Arch: foreign
-Depends: ca-certificates (>= 20090814), openjdk-6-jre-headless (>= 6b16-1.6.1-2) | java6-runtime-headless, ${misc:Depends}, ${nss:Depends}
+Depends: ca-certificates (>= 20090814),
+ openjdk-6-jre-headless (>= 6b16-1.6.1-2) | java6-runtime-headless,
+ ${misc:Depends},
+ ${nss:Depends}
# We need a versioned Depends due to multiarch changes (bug #635571).
-#Recommends: libnss3-1d
Description: Common CA certificates (JKS keystore)
This package uses the hooks of the ca-certificates package to update the
cacerts JKS keystore used for many java runtimes.
diff --git a/debian/copyright b/debian/copyright
index 7dfc120..a61242c 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -1,12 +1,12 @@
This package was debianized by Matthias Klose <doko at ubuntu.com>
on Mon, 02 Jun 2008 14:52:46 +0000.
-Authors:
+Authors:
Matthias Klose <doko at ubuntu.com>
Torsten Werner <twerner at debian.org>
-Copyright:
+Copyright:
Copyright (C) 2008 Canonical Ltd
Copyright (C) 2011 Torsten Werner <twerner at debian.org>
diff --git a/debian/jks-keystore.hook.in b/debian/jks-keystore.hook.in
index 362364a..25cdf94 100644
--- a/debian/jks-keystore.hook.in
+++ b/debian/jks-keystore.hook.in
@@ -13,6 +13,7 @@ if [ -f /etc/default/cacerts ]; then
fi
arch=`dpkg --print-architecture`
+JAR=/usr/share/ca-certificates-java/ca-certificates-java.jar
echo ""
if [ "$cacerts_updates" != yes ] || [ "$CACERT_UPDATES" = disabled ]; then
@@ -68,10 +69,7 @@ do_cleanup()
fi
}
-CLASSPATH=/usr/share/ca-certificates-java
-export CLASSPATH
-
-if java UpdateCertificates -storepass "$storepass"; then
+if java -jar $JAR -storepass "$storepass"; then
do_cleanup
else
do_cleanup
diff --git a/debian/postinst.in b/debian/postinst.in
index d247697..0b3f5b4 100644
--- a/debian/postinst.in
+++ b/debian/postinst.in
@@ -13,6 +13,7 @@ if [ -f /etc/default/cacerts ]; then
fi
arch=`dpkg --print-architecture`
+JAR=/usr/share/ca-certificates-java/ca-certificates-java.jar
setup_path()
{
@@ -24,9 +25,6 @@ setup_path()
done
export JAVA_HOME=/usr/lib/jvm/$jvm
PATH=$JAVA_HOME/bin:$PATH
-
- CLASSPATH=/usr/share/ca-certificates-java
- export CLASSPATH
}
first_install()
@@ -42,7 +40,7 @@ first_install()
# Forcibly remove diginotar cert (LP: #920758)
if [ -n "$FIXOLD" ]; then
echo -e "-diginotar_root_ca\n-diginotar_root_ca_pem" | \
- java UpdateCertificates -storepass "$storepass"
+ java -jar $JAR -storepass "$storepass"
fi
find /etc/ssl/certs -name \*.pem | \
@@ -55,7 +53,7 @@ first_install()
fi
echo "+${filename}"
done | \
- java UpdateCertificates -storepass "$storepass"
+ java -jar $JAR -storepass "$storepass"
echo "done."
}
diff --git a/debian/rules b/debian/rules
index ca02808..22ad12f 100755
--- a/debian/rules
+++ b/debian/rules
@@ -13,6 +13,12 @@ else
endif
JAVA_HOME := /usr/lib/jvm/default-java
+export JAVA_HOME
+OPTS := --no-javadoc --main=UpdateCertificates --javacopts="-source 1.6 -target 1.6"
+CLASSPATH := /usr/share/java/junit4.jar
+export CLASSPATH
+
+do_junit = $(if $(findstring nocheck,$(DEB_BUILD_OPTIONS)),,yes)
d = debian/ca-certificates-java
@@ -21,13 +27,19 @@ build-indep: build
build: build-stamp
build-stamp:
dh_testdir
- $(JAVA_HOME)/bin/javac -source 1.6 -target 1.6 UpdateCertificates.java
+ jh_build $(OPTS) ca-certificates-java.jar .
+ifeq ($(do_junit),yes)
+ $(JAVA_HOME)/bin/java -cp /usr/share/java/junit4.jar:./ca-certificates-java.jar \
+ org.junit.runner.JUnitCore \
+ UpdateCertificatesTest
+endif
touch $@
clean:
dh_testdir
dh_testroot
- $(RM) build-stamp UpdateCertificates.class
+ jh_build --clean
+ $(RM) build-stamp
dh_clean
for f in debian/*.in; do \
f2=$$(echo $$f | sed ';s/\.in$$//'); \
@@ -37,7 +49,7 @@ clean:
install: build
dh_testdir
dh_testroot
- dh_clean -k
+ dh_prep
dh_installdirs \
usr/share/ca-certificates-java \
etc/default \
@@ -52,7 +64,7 @@ install: build
$(d)/etc/ca-certificates/update.d/jks-keystore
install -m600 debian/default \
$(d)/etc/default/cacerts
- dh_install UpdateCertificates.class /usr/share/ca-certificates-java/
+ dh_install ca-certificates-java.jar /usr/share/ca-certificates-java/
# Build architecture-independent files here.
binary-indep: build install
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/ca-certificates-java.git
More information about the pkg-java-commits
mailing list